Data security system and method associated with data mining

US 20030120949A1
Filed: 12/31/2002
Published: 06/26/2003
Est. Priority Date: 11/13/2000
Status: Active Grant

First Claim

Patent Images

1. A method of securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons, comprising:

extracting said security sensitive words, data objects, characters or icons from said data to obtain (a) subsets of extracted data and (b) remainder data;

storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and

, permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The data security method, system and associated data mining enables multiple users, each having a respective security clearance level to access security sensitive words, data objects, characters or icons. The method extracts security sensitive words, data objects, characters or icons from plaintext or other source documents to obtain (a) subsets of extracted data and (b) remainder data. The extracted data is, in one embodiment, stored in a multilevel security system (MLS) which separates extract data of different security levels with MLS guards. Some or all of the original data is reconstructed via one or more of the subsets of extracted data and remainder data only in the presence of a predetermined security level. In this manner, an inquiring party, with the proper security clearance, can data mine the data in the MLS secured storage.

149 Citations

78 Claims

1. A method of securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons, comprising:
- extracting said security sensitive words, data objects, characters or icons from said data to obtain (a) subsets of extracted data and (b) remainder data;
  
  storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. A method of securing data as claimed in claim 1 operating over a plurality of computers interconnected together.
  - 3. A method of securing data as claimed in claim 2 including encrypting said subsets of extracted data with corresponding degrees of encryption associated with said plurality of security levels, and including decrypting, during the reconstruction, of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 4. A method of securing data as claimed in claim 3 including encrypting said subsets of extracted data and remainder data prior to storing.
  - 5. A method of securing data as claimed in claim 1 wherein the step of extracting utilizes one of an inference engine, neural network and artificial intelligence process.
  - 6. A method of securing data as claimed in claim 1 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 7. A method of securing data as claimed in claim 6 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 8. A method as claimed in claim 1 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the step of reconstruction including the step of permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 9. A method as claimed in claim 1 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the reconstruction step including interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 10. A method as claimed in claim 1 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the step of reconstruction including displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 11. A method of securing data as claimed in claim 4 wherein the step of extracting utilizes one of an inference engine, neural network and artificial intelligence process.
  - 12. A method of securing data as claimed in claim 11 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 13. A method of securing data as claimed in claim 12 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 14. A method as claimed in claim 13 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the step of reconstruction including the step of permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

15. A method of securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons grouped in (a) subsets of extracted data and (b) remainder data, comprising:
- storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 16. A method of securing data as claimed in claim 15 operating over a plurality of computers interconnected together.
  - 17. A method of securing data as claimed in claim 16 wherein said subsets of extracted data are encrypted with corresponding degrees of encryption associated with said plurality of security levels, and including decrypting, during the reconstruction, of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 18. A method of securing data as claimed in claim 17 including encrypting said subsets of extracted data and remainder data prior to storing.
  - 19. A method of securing data as claimed in claim 15 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 20. A method of securing data as claimed in claim 19 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 21. A method as claimed in claim 15 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the step of reconstruction including the step of permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 22. A method as claimed in claim 15 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the reconstruction step including interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 23. A method as claimed in claim 15 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the step of reconstruction including displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 24. A method of securing data as claimed in claim 20 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 25. A method of securing data as claimed in claim 24 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 26. A method as claimed in claim 25 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the step of reconstruction including the step of permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

27. A computer readable medium containing programming instructions for securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons, the programming instructions comprising:
- extracting said security sensitive words, data objects, characters or icons from said data to obtain (a) subsets of extracted data and (b) remainder data;
  
  storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 28. A medium with programming instructions as claimed in claim 27 including programming instructions to store said extracted data and said remainder data over a plurality of computers interconnected together.
  - 29. A medium with programming instructions as claimed in claim 27 including instructions for encrypting said subsets of extracted data with corresponding degrees of encryption associated with said plurality of security levels, and including decrypting, during the reconstruction, of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 30. A medium with programming instructions as claimed in claim 27 including instructions for encrypting said subsets of extracted data and remainder data prior to storing.
  - 31. A medium with programming instructions as claimed in claim 27 wherein the extracting utilizes one of an inference engine, neural network and artificial intelligence process.
  - 32. A medium with programming instructions as claimed in claim 27 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 33. A medium with programming instructions as claimed in claim 27 including instructions for permitting reconstruction of some or all of said data after securing compensation therefor.
  - 34. A medium with programming instructions as claimed in claim 27 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the reconstruction includes permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 35. A medium with programming instructions as claimed in claim 27 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the reconstruction including interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 36. A medium with programming instructions as claimed in claim 27 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the reconstruction including displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 37. A medium with programming instructions as claimed in claim 29 wherein extracting utilizes one of an inference engine, neural network and artificial intelligence process.
  - 38. A medium with programming instructions as claimed in claim 37 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 39. A medium with programming instructions as claimed in claim 38 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 40. A medium with programming instructions as claimed in claim 39 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the reconstruction includes permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

41. A computer readable medium containing programming instructions for securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons grouped in (a) subsets of extracted data and (b) remainder data, the programming instructions comprising:
- storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 42. A medium with programming instructions as claimed in claim 41 operating over a plurality of computers interconnected together.
  - 43. A medium with programming instructions as claimed in claim 42 wherein said subsets of extracted data are encrypted with corresponding degrees of encryption associated with said plurality of security levels, and including decrypting, during the reconstruction, of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 44. A medium with programming instructions as claimed in claim 43 including encrypting said subsets of extracted data and remainder data prior to storing.
  - 45. A medium with programming instructions as claimed in claim 41 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 46. A medium with programming instructions as claimed in claim 45 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 47. A medium with programming instructions as claimed in claim 41 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the reconstruction includes permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 48. A medium with programming instructions as claimed in claim 41 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the reconstruction includes interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 49. A medium with programming instructions as claimed in claim 41 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the reconstruction including displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 50. A medium with programming instructions as claimed in claim 46 wherein said reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 51. A medium with programming instructions as claimed in claim 50 including permitting reconstruction of some or all of said data after securing compensation therefor.
  - 52. A medium with programming instructions as claimed in claim 51 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the reconstruction includes permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

53. An information processing system for securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons, comprising:
- means for extracting said security sensitive words, data objects, characters or icons from said data to obtain (a) subsets of extracted data and (b) remainder data;
  
  means for storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , means for permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66)
- - 54. An information processing system as claimed in claim 53 including means for storing said extracted data and said remainder data over a plurality of computers interconnected together.
  - 55. An information processing system as claimed in claim 53 including means for encrypting said subsets of extracted data with corresponding degrees of encryption associated with said plurality of security levels, and including means for decrypting, during the reconstruction, of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 56. An information processing system as claimed in claim 53 including means for encrypting said subsets of extracted data and remainder data prior to storing.
  - 57. An information processing system as claimed in claim 53 wherein said means for extracting utilizes one of an inference engine, neural network and artificial intelligence system.
  - 58. An information processing system as claimed in claim 53 wherein said means for reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 59. An information processing system as claimed in claim 53 including means for permitting reconstruction of some or all of said data after securing compensation therefor.
  - 60. An information processing system as claimed in claim 53 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and said means for reconstruction including means for permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 61. An information processing system as claimed in claim 53 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the means for reconstruction including means for interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 62. An information processing system as claimed in claim 53 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the means for reconstruction including means for displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 63. An information processing system as claimed in claim 55 wherein the means for extracting utilizes one of an inference engine, neural network and artificial intelligence process.
  - 64. An information processing system as claimed in claim 63 wherein said means for reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 65. An information processing system as claimed in claim 64 including means for permitting reconstruction of some or all of said data after securing compensation therefor.
  - 66. An information processing system as claimed in claim 65 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the means for reconstruction including means for permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

67. An information processing system for securing data and managing the separation of user-based communities of interest based upon a plurality of security levels in a computer system with memories designated as a remainder store and a plurality of extract stores, said data having one or more security sensitive words, data objects, characters or icons grouped in (a) subsets of extracted data and (b) remainder data, comprising:
- means for storing said extracted data and said remainder data in said extract stores and said remainder store, respectively; and
  
  , means for permitting reconstruction of some or all of said data via one or more of said subsets of extracted data and remainder data only in the presence of a predetermined security level of said plurality of security levels.
- View Dependent Claims (68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78)
- - 68. An information processing system as claimed in claim 67 operating over a plurality of computers interconnected together.
  - 69. An information processing system as claimed in claim 68 wherein said subsets of extracted data are encrypted with corresponding degrees of encryption associated with said plurality of security levels, and including means for decrypting of some or all of said subsets of extracted data only in the presence of said predetermined security level of said plurality of security levels.
  - 70. An information processing system as claimed in claim 69 including means for encrypting said subsets of extracted data and remainder data prior to storing.
  - 71. An information processing system as claimed in claim 67 wherein said means for reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 72. An information processing system as claimed in claim 71 including means for permitting reconstruction of some or all of said data after securing compensation therefor.
  - 73. An information processing system as claimed in claim 67 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the means for reconstruction including means for permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.
  - 74. An information processing system as claimed in claim 67 wherein said computer system includes a display fed from video memory having a plurality of frame memory segments, the means for reconstruction including means for interleaving extracted data and remainder data into respective ones of said plurality of frame memory segments.
  - 75. An information processing system as claimed in claim 67 wherein said computer system includes a data display system with at least two separate but visually overlaid displays, the means for reconstruction including means for displaying said extracted data on one of said at least two displays and displaying said remainder data on another of said at least two displays.
  - 76. An information processing system as claimed in claim 72 wherein said means for reconstruction partially reconstructs said data in response to a query and represents data mining of said data.
  - 77. An information processing system as claimed in claim 76 including means for permitting reconstruction of some or all of said data after securing compensation therefor.
  - 78. An information processing system as claimed in claim 77 wherein each of said plurality of security levels is associated with a respective security clearance, said security sensitive words, data objects, characters or icons being correlated with said plurality of security levels and subsets of said security sensitive words, data objects, characters or icons and the means for reconstruction includes means for permitting a plurality of partial reconstructions of said data in the presence of respective ones of said plurality of security clearance levels.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
DigitalDoors, Inc.
Original Assignee
DigitalDoors, Inc.
Inventors
Nemzow, Martin A., Redlich, Ron M.

Granted Patent

US 7,322,047 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

A61K 38/00   Medicinal preparations cont...

C07K 14/70575   NGF/TNF-superfamily, e.g. C...

G06F 21/62   Protecting access to data v...

G06F 21/6209   to a single file or object,...

G06F 21/6245   Protecting personal data, e...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/10   for controlling access to d...

H04L 63/107   wherein the security polici...

Data security system and method associated with data mining

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

149 Citations

78 Claims

Specification

Solutions

Use Cases

Quick Links

Data security system and method associated with data mining

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

149 Citations

78 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links